LDAP Operations Error
Syed Rais Ahmad NON DRI
SAhmad at darden.com
Thu Jun 18 22:05:10 CEST 2015
In my FreeRadius configuration, ntlm_auth gives me successful search output:
[root at rscradiuspr01 samba]# ntlm_auth --request-nt-key --domain=DRI_NT1 --username=SYEDRA
password:
NT_STATUS_OK: Success (0x0)
However, RADIUS rejects the user:
Thu Jun 18 16:02:46 2015 : Debug: [ldap] waiting for bind result ...
Thu Jun 18 16:02:46 2015 : Debug: [ldap] Bind was successful
Thu Jun 18 16:02:46 2015 : Debug: [ldap] performing search in ou=users,dc=darden,dc=com, with filter (uid=SYEDRA)
Thu Jun 18 16:02:46 2015 : Error: [ldap] ldap_search() failed: Operations error
Thu Jun 18 16:02:46 2015 : Info: [ldap] search failed
Thu Jun 18 16:02:46 2015 : Debug: [ldap] ldap_release_conn: Release Id: 0
Thu Jun 18 16:02:46 2015 : Info: ++[ldap] returns fail
Thu Jun 18 16:02:46 2015 : Info: Using Post-Auth-Type Reject
Thu Jun 18 16:02:46 2015 : Info: # Executing group from file /etc/raddb/sites-enabled/default
Thu Jun 18 16:02:46 2015 : Info: +- entering group REJECT {...}
Thu Jun 18 16:02:46 2015 : Info: [attr_filter.access_reject] expand: %{User-Name} -> SYEDRA
Thu Jun 18 16:02:46 2015 : Debug: attr_filter: Matched entry DEFAULT at line 11
Thu Jun 18 16:02:46 2015 : Info: ++[attr_filter.access_reject] returns updated
Thu Jun 18 16:02:46 2015 : Info: Delaying reject of request 1 for 1 seconds
Thu Jun 18 16:02:46 2015 : Debug: Going to the next request
What could be the cause of this reject?
Thanks.
This e-mail message is for the sole use of the intended recipient and may contain information that is confidential, proprietary or privileged. Any unauthorized review, use, distribution, copying or disclosure is strictly prohibited. If you are not the intended recipient, or the employee or agent responsible for delivering it to the intended recipient, please notify sender of the delivery error by replying to this message and then delete it from your system. Receipt by anyone other than the intended recipient is not a waiver of confidentiality or privilege.
More information about the Freeradius-Users
mailing list